Workload identity with application on Kubernetes service:kubernetes

Time:12-09

I am trying to deploy and manage a Kubernetes cluster using the OpenID Connect issuer. I have followed this Microsoft document to deploy the application on AKS. For that, I have created the resource group and installed the AKS preview extension:

```
az group create --name myResourceGroup --location eastus
az extension add --name aks-preview
az extension update --name aks-preview

# register the workload identity preview feature
az feature register --namespace "Microsoft.ContainerService" --name "EnableWorkloadIdentityPreview"
az feature show --namespace "Microsoft.ContainerService" --name "EnableWorkloadIdentityPreview"
az provider register --namespace Microsoft.ContainerService
```

After that, when I try to create the Kubernetes cluster with --enable-oidc-issuer, I get the error below. It takes more than 10 minutes and then shows an error:

(OIDCIssuerUnsupportedk8sVersion) OIDC issuer feature requires at least Kubernetes version 1.20.0. Code: OIDCIssuerUnsupportedK8sVersion Message: OIDC issuer feature requires at least Kubernetes version 1.20.0

I have upgraded to the latest version but am still getting the same error. How can I export the OIDC issuer to set the environment variables on the cluster? Thanks in advance :)

CodePudding user response:

I tried to reproduce the same issue in my environment and got the results below.

My current version is 1.23.12


I have created the resource group, installed the preview extension and registered EnableWorkloadIdentityPreview using the command below:

az feature register --namespace "Microsoft.ContainerService" --name "EnableWorkloadIdentityPreview"

To verify the status, I used the command below:

az feature show --namespace "Microsoft.ContainerService" --name "EnableWorkloadIdentityPreview"

I have created the AKS cluster with the --enable-oidc-issuer parameter to use the OIDC issuer, using the command below:

az aks create -g rg -n cluster --node-count 1 --enable-oidc-issuer --enable-workload-identity --generate-ssh-keys

When I checked in my environment, I got the same error.

To resolve this issue, I have upgraded my AKS version using the commands below.

My current version is 1.23.12

I have upgraded to the newest version using this SO answer.

My current version is 1.24.3, and when I run the OIDC command below I am able to access it:

az aks create -g <rg-name> -n cluster --node-count 1 --enable-oidc-issuer --enable-workload-identity --generate-ssh-keys

NOTE: This error will occur if the version is more than 1.20.0; we have to upgrade to the latest version, not to the current version, and only then will it work.
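
For the last part of the question (exporting the OIDC issuer once the cluster exists), here is an added example that is not part of the original question or answer: it reads the cluster's Kubernetes version and issuer URL with `az aks show`, refuses to export anything that is below the minimum quoted in the error message or is not an `https://` URL, and then sets the environment variable. The variable name `AKS_OIDC_ISSUER`, the function names and the exit codes are assumptions chosen for this sketch.

```shell
#!/usr/bin/env bash
# Added example (not from the original post). Function names, exit codes and
# the AKS_OIDC_ISSUER variable name are assumptions made for illustration.

# Minimum quoted in the OIDCIssuerUnsupportedK8sVersion error message.
MIN_K8S_VERSION="1.20.0"

# version_ge A B: succeeds when version A >= version B (relies on GNU sort -V).
version_ge() {
  [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$2" ]
}

# export_oidc_issuer RESOURCE_GROUP CLUSTER
# Returns 1 if az fails, 2 if the version is too old, 3 if no usable issuer URL.
export_oidc_issuer() {
  local rg="$1" cluster="$2" version url

  version="$(az aks show -g "$rg" -n "$cluster" \
    --query kubernetesVersion -o tsv)" || return 1
  if ! version_ge "$version" "$MIN_K8S_VERSION"; then
    echo "Kubernetes $version is below required $MIN_K8S_VERSION" >&2
    return 2
  fi

  url="$(az aks show -g "$rg" -n "$cluster" \
    --query oidcIssuerProfile.issuerUrl -o tsv)" || return 1

  # An empty or non-HTTPS value means the issuer is not enabled (or the output
  # is not what we expect); do not export it for federation setup.
  case "$url" in
    https://*) ;;
    *) echo "No OIDC issuer URL on cluster $cluster" >&2; return 3 ;;
  esac

  export AKS_OIDC_ISSUER="$url"
  echo "AKS_OIDC_ISSUER=$AKS_OIDC_ISSUER (Kubernetes $version)"
}
```

Source the file and call `export_oidc_issuer <rg-name> cluster` in the shell where the variable is needed; the exported URL is the issuer value a federated identity credential is later bound to.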
